/******************************************************************************
 * Decryptor class decrypts messages encrypted using the Encryptor class. It
 * uses OpenSSL enveloping to a RSA-decrypt one-time symmetric session key. The
 * session key is used to decrypt the payload. This work was done for Zero Leak
 * Architecture implementation for Dr. Hiroshi Fujinoki.
 *
 * Usage: Instantiated Decryptor must make the following calls in order:
 * keySrcFile(...), decryptSessionKey(...), decrypt(...).
 *****************************************************************************/
#ifndef DECRYPTOR_H_
#define DECRYPTOR_H_

#include <openssl/ssl.h>
#include <openssl/rand.h>

#define AES_256_BLOCK_SIZE	32

class Decryptor {
public:
	Decryptor(const char* rsa_keyfile, const EVP_CIPHER* cipher = EVP_aes_256_cbc());
	virtual ~Decryptor();

	unsigned char* DecryptPacket(unsigned char* pkt, int pkt_len, int* decrypt_len);
	Decryptor& setupSession(unsigned char* init_vector, unsigned char* session_key, int session_key_len);
	unsigned char* decrypt(unsigned char* encrypt_buf, int encrypt_len, int* decrypt_len);

private:
	Decryptor(Decryptor&);
	Decryptor& keySrcFile(const char* rsa_keyfile);

	EVP_CIPHER_CTX* ctx;			// context
	const EVP_CIPHER* type;			// symmetric cipher
	unsigned char* iv;				// initialization vector
	const char* privk_file;			// rsa private key file
	unsigned char* ek;				// encrypted session key
	EVP_PKEY* privk;				// private key
	RSA* rsa_key;					// owned by privk
	int ekl;						// length of ek
};

#endif /* DECRYPTOR_H_ */
